• Welcome to Hurricane Electric's IPv6 Tunnel Broker Forums.

News:

Welcome to Hurricane Electric's Tunnelbroker.net forums!

Main Menu

vyatta routing ipv6 for LAN

Started by wraithbone, February 21, 2011, 09:56:06 AM

Previous topic - Next topic

wraithbone

Hello.. i have a vyatta router that can ping ipv6.google.com perfectly.

I have set up router advertisements on my LAN interface (eth1)

My fresh installed windows 7 installs gets the gateway info and ip's as they should. they also ping the vyatta router just fine on the ipv6 interface.

BUT.... when i try and ping anything outside i just get timeouts.

here is my Vyatta configuration:
interfaces {
      ethernet eth0 {
          address dhcp
          description WAN
          duplex auto
          hw-id 00:0c:29:a6:4a:ea
          smp_affinity auto
          speed auto
      }
      ethernet eth1 {
          address 10.0.1.1/24
          address 2001:470:27:618::3/64
          description LAN
          duplex auto
          hw-id 00:0c:29:a6:4a:f4
          ipv6 {
              dup-addr-detect-transmits 1
              router-advert {
                  cur-hop-limit 64
                  link-mtu 0
                  managed-flag false
                  max-interval 600
                  other-config-flag false
                  prefix 2001:470:27:618::/64 {
                      autonomous-flag true
                      on-link-flag true
                      valid-lifetime 2592000
                  }
                  reachable-time 0
                  retrans-timer 0
                  send-advert true
              }
          }
          smp_affinity auto
          speed auto
      }
      loopback lo {
      }
      tunnel tun0 {
          address 2001:470:27:618::2/64
          description "HE.NET IPv6 Tunnel"
          encapsulation sit
          local-ip 83.90.186.144
          multicast disable
          remote-ip 216.66.80.90
          ttl 255
      }
  }
  protocols {
      static {
          interface-route6 ::/0 {
              next-hop-interface tun0 {
              }
          }
          route 0.0.0.0/0 {
              next-hop 70.197.108.181 {
              }
          }
      }
  }
  service {
      dhcp-server {
          disabled false
          shared-network-name HomeLan {
              authoritative disable
              subnet 10.0.1.0/24 {
                  default-router 10.0.1.1
                  dns-server 8.8.8.8
                  lease 86400
                  start 10.0.1.50 {
                      stop 10.0.1.150
                  }
              }
          }
      }
      dns {
          forwarding {
              cache-size 150
              listen-on eth1
              name-server 8.8.8.8
              name-server 8.8.4.4
          }
      }
      https
      ssh {
          port 22
          protocol-version v2
      }
  }
  system {
      gateway-address 80.197.108.1
      host-name router
     
      }
      name-server 8.8.8.8
      name-server 8.8.4.4
      ntp-server 0.vyatta.pool.ntp.org
      options {
          reboot-on-panic true
      }
      package {
          auto-sync 1
          repository community {
              components main
              distribution stable
              password ""
              url http://packages.vyatta.com/vyatta
              username ""
          }
      }
      syslog {
          global {
              facility all {
                  level notice
              }
              facility protocols {
                  level debug
              }
          }
      }
      time-zone GMT
  }


And here is my ipconfig and route print from a random windows machine:
C:\Users\Administrator>ipconfig /all

Windows IP Configuration

   Host Name . . . . . . . . . . . . : FILESTORE
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel(R) PRO/1000 MT Network Connection
   Physical Address. . . . . . . . . : 00-0C-29-FB-6C-D2
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:470:27:618:8c52:8443:fc0a:d54b(Prefe
rred)
   Link-local IPv6 Address . . . . . : fe80::8c52:8443:fc0a:d54b%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 10.0.1.2(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : fe80::20c:29ff:fea6:4af4%11
                                       10.0.1.1
   DNS Servers . . . . . . . . . . . : 8.8.8.8
                                       8.8.4.4
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{4749D684-9719-4E69-89F9-6AE5CA9B4B98}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:1006:1455:f5ff:fefd(Pref
erred)
   Link-local IPv6 Address . . . . . : fe80::1006:1455:f5ff:fefd%13(Preferred)
   Default Gateway . . . . . . . . . :
   NetBIOS over Tcpip. . . . . . . . : Disabled

C:\Users\Administrator>


and the route print:
C:\Users\Administrator>route print
===========================================================================
Interface List
11...00 0c 29 fb 6c d2 ......Intel(R) PRO/1000 MT Network Connection
  1...........................Software Loopback Interface 1
12...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0         10.0.1.1         10.0.1.2    266
         10.0.1.0    255.255.255.0         On-link          10.0.1.2    266
         10.0.1.2  255.255.255.255         On-link          10.0.1.2    266
       10.0.1.255  255.255.255.255         On-link          10.0.1.2    266
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link          10.0.1.2    266
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link          10.0.1.2    266
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
          0.0.0.0          0.0.0.0         10.0.1.1  Default
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination      Gateway
11    266 ::/0                     fe80::20c:29ff:fea6:4af4
  1    306 ::1/128                  On-link
13     58 2001::/32                On-link
13    306 2001:0:5ef5:79fd:1006:1455:f5ff:fefd/128
                                    On-link
11     18 2001:470:27:618::/64     On-link
11    266 2001:470:27:618:8c52:8443:fc0a:d54b/128
                                    On-link
11    266 fe80::/64                On-link
13    306 fe80::/64                On-link
13    306 fe80::1006:1455:f5ff:fefd/128
                                    On-link
11    266 fe80::8c52:8443:fc0a:d54b/128
                                    On-link
  1    306 ff00::/8                 On-link
13    306 ff00::/8                 On-link
11    266 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None

C:\Users\Administrator>



and the ping from the windows client:

C:\Users\Administrator>ping ipv6.google.com

Pinging ipv6.l.google.com [2a00:1450:8002::93] with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.

Ping statistics for 2a00:1450:8002::93:
    Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

C:\Users\Administrator>


Any suggestions on what could be wrong ? its like the router just wont route the packets. The tunnel is up, and pings from the vyatta router on ipv6 works just fine.

Thank you for any help you can offer :)


cholzhauer

I think you've used the wrong address space

Is your tunnel address 2001:470:27:618::1 ?  If so, you shouldn't be using 2001:470:27:618::3 on eth1.  On your tunnel details page, you should have a routed /64..use that instead for eth1 and other computers that attach to it

wraithbone

hello. thanks for your reply.

eth0 is my internet connection where my ip tunnel is running on named tun0.

My gateway is called 2001:470:27:618::1 on HE.Net's side.

on my side i gave it 2001:470:27:618::2.

on my lan network i tried not having 2001:470:27:618::3 assigned and used the local link address for the routing. But still to no avail.

Can you explain to me what you would change?

cholzhauer

You need to change the 2001:470:27:618::3

On your tunnel details page, you should have a routed /64..use that instead

It'll be something like 2001:470:28:618::/64

wraithbone

Ok. i removed the 2001:470:27:618::3 ip, and i have already set the prefex for the route to be 2001:470:27:618::/64.

Pings still dont go anywhere :(

the client uses the locallink ipv6 as default gateway.

Any other suggestions ?

cholzhauer

I'm saying that's the wrong prefix.

The ONLY place you use 2001:470:27:618 is on your tunnel interface

Your other interfaces should have a different prefix on them

wraithbone

ohh... :-/ so i should use


2001:470:27:618:1::/80 ?

cholzhauer

No.

Did you log into your tunnel settings page?

Log in.

Look at the line that says "routed /64"

what does it say?

wraithbone

this is the info from he.net:

IPv6 Tunnel Endpoints
Server IPv4 address:   216.66.80.90
Server IPv6 address:    2001:470:27:618::1/64
Client IPv4 address:    83.90.186.144
Client IPv6 address:    2001:470:27:618::2/64
Available DNS Resolvers
Anycasted IPv6 Caching Nameserver:   2001:470:20::2
Anycasted IPv4 Caching Nameserver:   74.82.42.42
Routed IPv6 Prefixes and rDNS Delegations
Routed /48:    Allocate /48
Routed /64:    2001:470:28:618::/64
RDNS Delegation NS1:    ns1.he.net
RDNS Delegation NS2:    ns2.he.net
RDNS Delegation NS3:    ns3.he.net
RDNS Delegation NS4:    ns4.he.net
RDNS Delegation NS5:    ns5.he.net



Can you clerify to me how the ip's are supposed to be handled ?

WAN?
LAN?
and the routed ip prefex?

wraithbone


cholzhauer

Routed /64:    2001:470:28:618::/64

use that

wraithbone

OMG! i didnt realise the ip's we connect with and the routed segments where 2 different segments!

Thanks! that did the trick! :D

Now everything seems to work! :)

UltraZero

Congrats  Welcome Aboard. 

Enjoy...

;D

wraithbone